Procmail Recipe
Please to enjoy my collection of procmail recipes.
PATH=/bin:/usr/bin:/usr/local/bin
MAILDIR=$HOME/mail
#LOGFILE=$MAILDIR/.procmail/log.date +%Y%m
#LOGFILE=$HOME/.procmail/recipie.log
LOGFILE=/dev/null
VERBOSE=on
SENDMAIL=/usr/lib/sendmail
FROM=formail -x from:
BLACKLIST=$HOME/.procmailrc_blacklist
####################################################################
# move large attachements right away
####################################################################
# Filter large messages/attachments into a folder and
# notify the sender. 102400 = 100k
:0:
* (^TO|^From).*(interactnetworks|lockdownnetworks).*
* > 307200
{
:0c
| (formail -r -I 'Precedence: junk' \
-A 'X-Loop: YOUR_NAME_HERE@lockdownnetworks.com' ; \
echo -n 'This is an automatic reply.\nPlease do NOT email me attachments over 300k.\n'; \
echo 'Place it on \\\\gabriel\\temp or on \\\\inifile\nThis is why we have a network.'; \
echo '-- '; \
echo 'YOUR_NAME_HERE PRIVATE x104';
## cat $HOME/.signature \
) | $SENDMAIL -oi -t
:0
Morons
}
# Filter large messages/attachments into a folder and
# notify the sender. 102400 = 100k
:0:
* > 1024000
{
:0c
| (formail -r -I 'Precedence: junk' \
-A 'X-Loop: YOUR_NAME_HERE@YOUR_NAME_HERE.com' ; \
echo -n 'This is an automatic reply\nPlease do NOT email me attachments over 1MB.\n'; \
echo 'Send me a link to the file, or upload it to ftp://ftp.YOUR_NAME_HERE.com/INCOMING/.'; \
echo '-- '; \
cat $HOME/.signature \
) | $SENDMAIL -oi -t
:0
Morons
}
:0
* ^From.*(alerts@reply.yahoo.com).*
{
:0 c
! YOUR_CELL_HERE@mobile.mycingular.com
:0
SMS
}
####################################################################
# anti-spam
####################################################################
# known spammer sites
#:0
#* ? (formail -x Reply-To: -x Return-path: -x To: -x From: -x Sender: | fgrep -q -i -f $BLACKLIST)
#spam
# mail from IP numbers that can't exist (usually Spamford Wallace/cyberpromo)
#:0
#* ^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])
#spam
# matching To: and From: or Sender: line
# note that this rule is a little overzealous.
# I should probably catch anything from someone that I know
# and file it +inbox first, in case a friend bcc's us.
#:0
#*^TO\/.*
#*$^(From:|Sender:)$MATCH
#spam
#lacking a To: line
#:0:
#* !? (grep -q ^To: )
#spam
#lacking a From: line
#:0:
#* !? (grep -q ^From: )
#spam
#email of the form numbers@
:0:
* ^From: [0-9]+@.*
#* ^TO[0-9]+@.*
spam
# purely numeric address.
:0:
* ^From:.*( |<)[0-9]+@
spam
#email of the form something@numbers.com
:0:
* ^From: @[0-9]+\.com$
#* ^TO.*@[0-9]+\.com$
spam
#email of the form numbers@
:0:
* ^TO[0-9]+@.*
spam
#test if the subject is empty or if the subject field is missing altogether
:0:
* 1^0 ^Subject:([ ]$|$)
* 1^0 !^Subject:
/dev/null
#test if missing or an empty "From:" line in the header
:0:
* 1^0 ^From:([ ]$|$)
* 1^0 ! ^From:
#A catch: Don't use here the word-boundary operators \< \> Use just the plain <>
* 1^0 ^From:.*<>
/dev/null
#that red virus
:0 B
* ^(Hi! How are you\?|I send you this file in order to have your advice)
/dev/null
# Suspect countries, mail from these is usually spam a few false-positives here, but mostly accurate
:0:
#* ^From:.*\.(ro|tw|ru|cn|kr|sk|tr|ar|pk)([ >]|$)
* ^From:.*\.(tw|cn|kr|sk|tr|pk|ru|jp)([ >]|$)
/dev/null
# get rid of mail with a lot of stuff I can't read
# NOTE: this might not be readable in some editors
:0 BD:
* -1^1 .
* 2^1 =[0-9A-F][0-9A-F]
* 33^1 [¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿]
* 33^1 [ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß]
* 33^1 [àáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ]
* 33^1 =[A-F][0-9A-F]
/dev/null
:0:
* ^Subject:.*([0-9a-zA-Z]+ wrote:|[0-9a-zA-Z]+ here :\)|it.s [0-9a-zA-Z]+ :|hi it.s [0-9a-zA-Z]+).*
/dev/null
:0:
* ^Subject: (it me [0-9a-zA-Z]+|[0-9a-zA-Z]+ check this.|Greetings [0-9a-zA-Z]+|[0-9a-zA-Z]+ advice|It ready|[0-9a-zA-Z]+ FINANCIAL REPORT)
/dev/null
:0:
* ^Subject:.*({subj|rolex|wristwatches|timepieces|chronograhps|pharmacy|VPXL|pepsi|hoodai|hoodia|valium|xanax|accept credit cards|mortgages|Adult|adult listings|advertise to millions|bulk|creamed|debt|drains|earn|free tv|fortune|gambler|get paid to|get rid of|get up to|herbal|hgh|home owners|hotties|how to play|incest|inkjet|inkjets|irresistible girls|lenders looking for|lose fat|lose weight|low rates|lowest rates|make bigger|make money fast|norton|no tax|personal secrets|playstation|porn|prescription|promotional|prostate|reduce money|reverse aging|running so slow|septic|sexual|sizzling|tanning|toners|urinary|we pay|HGH...|rochelle gordon|oral b|penis|viagra|calculCleRib|Men's Health id|New software uploaded by ).*
/dev/null
:0:
* ^FROM:.*(info@rollinballzcrew.com|jna@retina.net|ScreenSaver3D|rochelle gordon|Logic.v.art|Snipe|telus.net|big@boss.com).*
/dev/null
:0 B
* (symbol|company) *?: *?[A-Z][A-Z][A-Z][A-Z][ \n]*
/dev/null
:0 B
* .*Sy ?m ?bol: +[A-Z][A-Z][A-Z][A-Z].*
/dev/null
:0:
* B ?? .*(wristwatches|timepieces|chronograhps|penis|erection|viagra|peniis|every good trader knows|first rule of investing|We called it yesterday and now it.s up 100).*
/dev/null
:0:
* ^FROM.*Symantec_AntiVirus
* ^Subject:.*Returned mail.*
/dev/null
:0:
* ^Subject:.+? sent you a.+?card from.+?!
spam
# SoBig virus
:0
* ^X-MailScanner: Found to be clean
#* ^Date:.*\-\-[0-9][0-9][0-9][0-9]$
* ^X-Mailer: Microsoft Outlook Express 6.00.2600.0000
#* ! ^X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
* ^Subject: (Re: ?)?(((My|Your) )?Details|Approved|Thank you\!|That movie|Wicked screensaver|Your application)
/dev/null
:0
* ^FROM.*(Microsoft|MS).*
* ^Subject:.*(microsoft|Returned)?.*
* > 140000
/dev/null
#email of the form numbers@some.place.com
#:0
#* ^From: ^[0-9]+@\w+\.[-\.\w+]?
#/dev/null
#email of the form something@numbers.com
#:0
#* ^From: \w+([\.\w+])?@[0-9]+\.[\w+]?
#/dev/null
#:0
#* ^.*nobody@YOUR_NAME_HERE.com
#/dev/null
:0
* ^Subject: .*out of (the )?office
/dev/null
:0
* ^FROM.*MAILER-DAEMON.*
* ^Subject:.*(returned|failure|delivery|Warning:|Banned file:).*
/dev/null
:0
* ^FROM.*postmaster@.*
* ^Subject:.*(InterScan NT Alert|notification|echec de distribution).*
/dev/null
:0
* ^FROM.*virus.*
* ^Subject:.*virus.*
/dev/null
:0
* ^Subject:.*(Re:|Fw:|Undeliverable:).*Merry Christmas!.*
/dev/null
# This catches about 99% of deliberate viagra mispellings ie v1@GRa, v1agr@ etc
:0 H
* ^Subject.*[Vv][1jl\|][aA\@][Gg][Rr][Aa\@]
{
:0
/dev/null
}
# Redirect common virus attachments inc. zipped versions
:0 B
* name=.*(document|readme|doc|text|file|data|test|message|body)\.(vbs\"|wsf\"|vbe\"|wsh\"|hta\"|scr\"|pif\"|exe\"|shs\"|bat\"|bas\"|cmd\"|zip\")
{
:0
/dev/null
}
# Some more common virus attachments inc. zipped versions
:0 B
* name=.*(Attach|Information|Readme|Document|Info|TextDocument|Textfile|MoreInfo|Message|mystic|details|watch_me)\.(pif\"|zip\")
{
:0
/dev/null
}
# Redirect windows executables (note - haven't included exe and com
:0 B
* name=.*\.(vbs\"|wsf\"|vbe\"|wsh\"|hta\"|scr\"|pif\"|shs\"|bat\"|bas\"|scr\"|dll\")
{
:0
spam
}
# This one finds them annoying Custom Logo spams that seem to get past most filters
# :0 B
# * .*out\.php\?email\=(sales|info)\@
# {
# :0
# spam
# }
:0
* ^To:.*(mail@|mailman@lists.|info@rollinballzcrew.com).*
/dev/null
##########################################
# a1 - Filter out attachments of type vbs, exe, hta, scr, js, wma, chm, pif,bat and com.
# store this messages in mail account viruscontrol. This gives
# us a chance to examine the message for possible error in filtering.
:0B
* ^[ \t]*name.*\.(vbs|hta|scr|pif|js|bat|com|wma|chm)|\
^.*name.*\".*\.(vbs|hta|scr|pif|js|bat|com|wma|chm)\"|\
^Content-.*\".*\.(hta|vbs|scr|pif|js|bat|com|wma|chm)\"|\
^filename=.*\".*\.(hta|vbs|scr|pif|js|bat|com|wma|chm)\"|\
^name=.*\".*\.(hta|vbs|scr|pif|bat|mp3|com|wma|chm)\"|\
^name=.*.*\.(hta|vbs|scr|pif|bat|mp3|com|wma|chm)|\
^name=*.\.(hta|vbs|scr|pif|bat|mp3|wma|chm)|\
^.*name=.*\.(vbs|hta|scr|pif|bat|mp3|wma|chm)|\
^filename=.*\"worms.zip\"
{
:0
#/dev/null
spam
}
####################################################################
# other stuff
####################################################################
:0:
* (^TO|^From).*(job|jagent|techiegold|brassring|nettemps|notifications@zend.com|dice.com|imatch|LinkedIn|notchup).*
"Jobs/Job Prospects"
:0:
* ^From.*(portage).*
root/portage
#this has to come up here b/c I'm subscribed with my symcell address and it will get filtered in the wrong order
:0:
* (^TO|^From).*(seattletechstartups.com|nwen.org|tie.org|123signup|washingtontechnology.org|wsa.org).*
Lists/Entrepreneurial
####################################################################
# mailing lists
####################################################################
:0:
* (^TO|^From).*(truthaboutabs|ftkirkland|fitnesstogether|nutritionexpress.com|24hourfitness|vitaminshoppe).*
Lists/Health
:0:
* (^TO|^From).*(rollinballzcrew|jj.net|judgejules|ibiza|rbc-admin|party-admin|bringiton|djcl|marq.org|ICE Member List|uscevents|lastsupperclub|theheavensnightclub|chronus|scottkeith|elementseattle|clubcontour|twisted.ca|Electra-Fi|seesoundlounge|See Sound Lounge|nwtekno|lawrence|drugpolicy.org|ultramusic|johnnymonsoon|adsr.org|beatlabs.com|cybersasha|groovetickets|insomniacevents|igetin.com|9groupvegas|nextlevel|giantclub|djmag|lemaitre).*
Lists/RBC
:0:
* ^TO(root@YOUR_NAME_HERE|root@localhost)
"root/My Server"
:0:
* ^From.*(register.com|godaddy.com|dyndns).*
"root/My Server"
:0: symfony
* (^TO|^From).*(symfony|symfony-users@googlegroups.com|symfony-devs@googlegroups.com).*
Lists/Symfony
:0: trac
* (^TO|^From).*trac-users@googlegroups.com.*
Lists/Trac
:0: svn
* (^TO|^From).*@subversion.tigris.org.*
Lists/Subversion
:0: PHP
* (^TO|^From).*(lists.php.net|phpclasses.org|PHP Classes|seaphp|zend).*
Lists/PHP
:0:
* (^TO|^From).*(mysql|webyog).*
Lists/mySQL
:0:
* ^From.*(doubleyourdates.com|doubleyourdating|mehow.tv|neilstrauss|strauss|stylelife).*
Lists/Misc
:0:
* (^TO|^From).*(craigslist|thematrixstudio).*
Other/forsale
#:0: OasysBLOCKEXT
#* ^TOoasys-pci@yahoogroups.com
#| sed -e '/^-* Yahoo! Groups Sponsor -*~-~>/,/^-*_->/d' \
# >> Lists/Oasys
#:0: MackieD8BLOCKEXT
#* ^TOmackied8b@yahoogroups.com
#| sed -e '/^-* Yahoo! Groups Sponsor -*~-~>/,/^-*_->/d' \
# >> Lists/MackieD8B
#:0: Pulsar$LOCKEXT
#* ^TOpulsar
##| sed -e '/^-* Yahoo! Groups Sponsor -*~-~>/,/^-*_->/d' \
#| sed -e '//,//d' \
# >> Lists/Pulsar
#get rid of LAM or LAB posts in logic list
#:0:
#* ^TOlogic-users@yahoogroups.com
#* ^Subject: .*(LAM|LAB).*
#/dev/null
#:0: LogicLOCKEXT
#* ^TOlogic-users@yahoogroups.com
#| sed -e '/^-* Yahoo! Groups Sponsor -*~-~>/,/^-*_->/d' \
# >> Lists/Logic
#:0: CakewalkLOCKEXT
#* ^TOcakewalk
#| sed -e '/^-* Yahoo! Groups Sponsor -*~-~>/,/^-*_->/d' \
# >> Lists/CakeWalk
#:0:
#* ^TOsamba@
#Lists/Samba
:0: linuxug
#* ^Subject:
* ^TO.*(balug|lugor|svlug|gslug).*
| sed -e 's/^begin /[begin] /' \
>> Lists/Linux/UserGroups
:0: ruby
#* ^Subject:
* (^TO|^From).*(ruby-bounces|zenzpider.com|rubyforge).*
Lists/Ruby
:0: gentoo
* ^List-Id:.*gentoo-.[a-zA-Z0-9]+\.gentoo\.org
Lists/Linux/Gentoo
:0: gentoo
* (^TO|^From).*gentoo.*
Lists/Linux/Gentoo
:0: mailman
#* ^Subject:
* ^TOmailman
Lists/Linux/mailman
:0: tux
* (^TO|^From).*(redhat-list|psyche-list|shrike-list|redhat@info.redhat.com|fedora|tuxmag).*
Lists/Linux/Linux-All
:0: exim
#* ^Subject:
* ^TOexim
Lists/Linux/exim
:0: gnome
#* ^Subject:
* ^TO.*@gnome.org.*
Lists/Linux/Gnome
:0: kde
#* ^Subject:
* ^TO.*kde.org.*
Lists/Linux/kde
:0: PVR
* (^TO|^From).*(mythtv|thegreenbutton|mcesoft|TiVo).*
Lists/PVR
:0: PALM
* ^From.*(motionapps|mytreo|shsh|PalmOne|Treo|palmnewsletters.com|openmoko).*
Lists/Palm
:0: linux
* ^TO(linux-dell-laptops|dell-inspiron-8200|usa.dell.com).*
Lists/Linux/Dell
:0: linux
* ^From.*(lj-announce@ssc.com|linuxjournal.com|noreply@lists.linuxjournal.com|Linux Journal).*
"Lists/Linux/Linux Journal"
:0:
* ^TO(swn-talk@googlegroups.com|seattlewireless.net|netstumbler@c2security.org|wardriving@michiganwireless.org|Gpsd-users|HostAP|schmoo.com)
Lists/WiFi
:0: ebay
* ^From.*@(ebay.com|paypal.com).*
Other/Ebay
:0:
* ^From.*(fedex.com|usps.com|ups.com|brownpapertickets.com|sunglassesgiant).*
Other/Reciepts
:0: carpc
* ^From.*(gnetcanada|audiovox|buygpsnow|xenarc|imobilepc|carmediaconcepts|mp3car.com|scion|yoursciontc|scionlife|fluxmedia.net|streetdeck).*
Lists/CarPC
:0: carpc
* ^Subject:.*(infill|G4|CarPC|Car PC|streetdeck|centrafuse).*
Lists/CarPC
####################################################################
# if these people email me, then page me and let me know immediately.
####################################################################
# Margaret
#:0 c
#* ^From.*([Ss]t[lL]e[jJ]eune@aol.com)
#! page_YOUR_NAME_HERE@YOUR_NAME_HERE.com
## Alex
#:0 c
#* ^From.*alexfwolf@hotmail.com
#! page_YOUR_NAME_HERE@YOUR_NAME_HERE.com
####################################################################
# send back contents of current info file upon email request
####################################################################
:0 c
* !^From +YOUR_USERNAME
* !^Subject:.*Re:
* !^FROM_DAEMON
* ^Subject:.*send current info
| (formail -r ; cat ~/current_info.txt) | $SENDMAIL -oi -t
####################################################################
# fudge a bounced message back to someone who sends me HUGE files
####################################################################
:0
* ^From.*(jPRIVATE@optionsgroup.com)
| (echo "From: POSTMASTER@YOUR_NAME_HERE.com"; \
echo "To: $FROM"; \
echo "Subject: You have lost your email privs to me"; \
echo "";\
echo "Since you repeatedly send me large attachments, I have banned you from emailing me\nYou may call my cell YOUR_CELL_HERE if you need to get a hold of me." \
) | $SENDMAIL -oi -t
####################################################################
# Forward anything on for my phone SMS, but filter out the spam!
####################################################################
:0
* ^From.*(alerts@reply.yahoo.com).*
{
:0 c
! YOUR_CELL_HERE@mobile.mycingular.com
:0
SMS
}
:0
* ^TO.*page_YOUR_NAME_HERE.*
{
:0 c
* < 1300
! YOUR_CELL_HERE@mobile.mycingular.com
# :0
# * < 1300
# SMS
}